Security Bulletin

Q&A with Cisco’s own Scott McGregor on the ongoing impact of Cisco’s Social Justice beliefs and actions and what comes next.

Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine's military operations in myriad ways.

The cohort's variety of individual tools covers just about any operating system it could possibly wish to attack.

Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.

Industrial manufacturers should take steps to protect Modbus devices and segment networks.

A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.

An exploit sold on an underground forum requires user action to download an unspecified malicious payload.

In April, an OS command injection vulnerability in various D-Link NAS devices was made public [1]. The vulnerability, %%CVE:2024-3273%% was exploited soon after it became public. Many of the affected devices are no longer supported.

A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security.

Here's a dose of reality from those on the frontlines and how they're coping.